ua_plugin_access_control.h 3.1 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081
  1. /* This Source Code Form is subject to the terms of the Mozilla Public
  2. * License, v. 2.0. If a copy of the MPL was not distributed with this
  3. * file, You can obtain one at http://mozilla.org/MPL/2.0/.
  4. *
  5. * Copyright 2017 (c) Julius Pfrommer, Fraunhofer IOSB
  6. * Copyright 2017 (c) Stefan Profanter, fortiss GmbH
  7. */
  8. #ifndef UA_PLUGIN_ACCESS_CONTROL_H_
  9. #define UA_PLUGIN_ACCESS_CONTROL_H_
  10. #ifdef __cplusplus
  11. extern "C" {
  12. #endif
  13. #include "ua_types.h"
  14. /**
  15. * .. _access-control:
  16. *
  17. * Access Control Plugin API
  18. * =========================
  19. * The access control callback is used to authenticate sessions and grant access
  20. * rights accordingly. */
  21. typedef struct {
  22. /* These booleans are used to create endpoints for the possible
  23. * authentication methods */
  24. UA_Boolean enableAnonymousLogin;
  25. UA_Boolean enableUsernamePasswordLogin;
  26. /* Authenticate a session. The session context is attached to the session and
  27. * later passed into the node-based access control callbacks. */
  28. UA_StatusCode (*activateSession)(const UA_NodeId *sessionId,
  29. const UA_ExtensionObject *userIdentityToken,
  30. void **sessionContext);
  31. /* Deauthenticate a session and cleanup */
  32. void (*closeSession)(const UA_NodeId *sessionId, void *sessionContext);
  33. /* Access control for all nodes*/
  34. UA_UInt32 (*getUserRightsMask)(const UA_NodeId *sessionId, void *sessionContext,
  35. const UA_NodeId *nodeId, void *nodeContext);
  36. /* Additional access control for variable nodes */
  37. UA_Byte (*getUserAccessLevel)(const UA_NodeId *sessionId, void *sessionContext,
  38. const UA_NodeId *nodeId, void *nodeContext);
  39. /* Additional access control for method nodes */
  40. UA_Boolean (*getUserExecutable)(const UA_NodeId *sessionId, void *sessionContext,
  41. const UA_NodeId *methodId, void *methodContext);
  42. /* Additional access control for calling a method node in the context of a
  43. * specific object */
  44. UA_Boolean (*getUserExecutableOnObject)(const UA_NodeId *sessionId, void *sessionContext,
  45. const UA_NodeId *methodId, void *methodContext,
  46. const UA_NodeId *objectId, void *objectContext);
  47. /* Allow adding a node */
  48. UA_Boolean (*allowAddNode)(const UA_NodeId *sessionId, void *sessionContext,
  49. const UA_AddNodesItem *item);
  50. /* Allow adding a reference */
  51. UA_Boolean (*allowAddReference)(const UA_NodeId *sessionId, void *sessionContext,
  52. const UA_AddReferencesItem *item);
  53. /* Allow deleting a node */
  54. UA_Boolean (*allowDeleteNode)(const UA_NodeId *sessionId, void *sessionContext,
  55. const UA_DeleteNodesItem *item);
  56. /* Allow deleting a reference */
  57. UA_Boolean (*allowDeleteReference)(const UA_NodeId *sessionId, void *sessionContext,
  58. const UA_DeleteReferencesItem *item);
  59. } UA_AccessControl;
  60. #ifdef __cplusplus
  61. }
  62. #endif
  63. #endif /* UA_PLUGIN_ACCESS_CONTROL_H_ */